[metadata]
id = "MSC04-C"
type = "rule"
category = "MSC"
number = 4
title = "Do not use recursive function calls"
description = """
Functions shall not call themselves, either directly or indirectly.
Recursion carries the risk of exceeding available stack space, which can
lead to a denial-of-service condition. In safety-critical and constrained
systems, all function calls must have bounded stack depth, which recursive
calls cannot guarantee without formal proof.
Maps to BRULE-058 (Constrained tier): prohibits recursion.
Direct recursion is detected from AST analysis alone. Indirect recursion
(mutual recursion, longer cycles) requires prescan data via the -d flag.
"""
severity = "Medium"
likelihood = "Probable"
priority = "P8"
level = "L2"
cert_version = "Custom (BRULE-058)"
last_modified = "Mar 30, 2026"
[rules.cert_c.MSC04-C]
enabled = true
[references]
wiki = "https://wiki.sei.cmu.edu/confluence/display/c/MSC04-C.+Use+comments+consistently+and+in+a+readable+fashion"
cwe = ["CWE-674"]